It’s tax time here in Canada. And much like spring flowers, Canada Revenue Agency scams are popping up everywhere. Here’s today’s example. This arrived via email late yesterday:
Now right off the top I knew that it was a scam for the following reasons:
- If you have set up direct deposit, your tax refund is sent to your bank account automatically. You do not have to lift a finger to get it.
- The day that I received this was yesterday which was April the 8th. But this email claims that the refund will expire on April the 7th. Thus this threat actor isn’t all that smart as they clearly can’t pay attention to the details.
There’s also a third thing that identified this as a scam:
That’s the email address that the email was sent from. Which is not the Canada Revenue Agency which typically end in cra-arc.gc.ca. So if you see this email, and you’ve identified all of this, this is the point where you should delete this email. But I’m going down the rabbit hole to expose their endgame. Which is of course a scam to capture your banking credentials. So after clicking on “Deposit your refund” which by the way you should never do, you get taken to this web page:
Now you’ll notice the address of the web page. Here’s a closer look:
That’s not the Canada Revenue Agency as their website is https://www.canada.ca/en/revenue-agency.html. But the threat actors are hoping that you won’t notice. Clicking on the CAPTCHA (which works by the way) takes you here:
Then from there, the threat actors have spent some time trying to replicate each bank’s web page to fool you into entering your banking credentials so that they can swipe your hard earned money. Take CIBC for example:
Other than the two missing pictures at the bottom of the page, this is a pretty good replication of the actual CIBC website. While the threat actors didn’t that that detail right, what they did get right was the fact that there’s code to check the validity of the card number that you have to enter. That way the threat actors aren’t wasting time going through bogus data to find the bank accounts that they can actually steal money from. That shows how crafty these scammers have become. It also shows why you need to always watch out for them as they are clearly evolving to better execute their scams. Thus as always, delete this email the second it arrives in your inbox and move on with your day.
Scam Call Turns Deadly With An Uber Driver Being Killed
Posted in Commentary with tags Scam on April 16, 2024 by itnerdI have dealt with scammers for years. But this is the first time that I have heard of a scam leading to someone to being killed. I have for you a news report where a man in Ohio was being bombarded with scam calls, which lead to an Uber driver being shot and killed by said man. Here’s the video that describes what happened. And I will say that this is not for the faint of heart:
What this appears to be is a scam where instead of the scammers using electronic means to steal money from you, they somehow get you to withdraw cash and then have someone pick it up from you. That someone may be an intermediary who delivers it to someone else who sends the money to its final destination, or they may do that themselves. This is sometimes referred to as a “Hawala” which you can get more info here.
Now the police have arrested this man for shooting the Uber driver. But what I wish would also happen, but I don’t see it happening, is that the scumbags behind this scam get tracked down and arrested as well as they are just as guilty in this Uber driver’s death. I’ve said it before and I will say it again. Scammers are the lowest forms of life out there. They need to be treated like cockroaches and exterminated with extreme prejudice. And the fact that this happened illustrates why that needs to happen sooner rather than later.
Leave a comment »